package org.apache.tuweni.scuttlebutt.handshake;

import java.util.ArrayList;
import org.apache.tuweni.bytes.Bytes;
import org.apache.tuweni.bytes.MutableBytes;
import org.apache.tuweni.crypto.sodium.SHA256Hash;
import org.apache.tuweni.crypto.sodium.SecretBox;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/apache/tuweni/scuttlebutt/handshake/SecureScuttlebuttStream.class */
public final class SecureScuttlebuttStream implements SecureScuttlebuttStreamClient, SecureScuttlebuttStreamServer {
    private final SecretBox.Key clientToServerKey;
    private final MutableBytes clientToServerNonce;
    private final SecretBox.Key serverToClientKey;
    private final MutableBytes serverToClientNonce;
    private Bytes clientToServerBuffer = Bytes.EMPTY;
    private Bytes serverToClientBuffer = Bytes.EMPTY;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecureScuttlebuttStream(SHA256Hash.Hash hash, Bytes bytes, SHA256Hash.Hash hash2, Bytes bytes2) {
        this.clientToServerKey = SecretBox.Key.fromHash(hash);
        this.serverToClientKey = SecretBox.Key.fromHash(hash2);
        this.clientToServerNonce = bytes.mutableCopy();
        this.serverToClientNonce = bytes2.mutableCopy();
    }

    @Override // org.apache.tuweni.scuttlebutt.handshake.SecureScuttlebuttStreamClient
    public synchronized Bytes sendToServer(Bytes bytes) {
        return encrypt(bytes, this.clientToServerKey, this.clientToServerNonce);
    }

    @Override // org.apache.tuweni.scuttlebutt.handshake.SecureScuttlebuttStreamClient
    public synchronized Bytes sendGoodbyeToServer() {
        return sendToServer(Bytes.wrap(new byte[18]));
    }

    @Override // org.apache.tuweni.scuttlebutt.handshake.SecureScuttlebuttStreamClient
    public synchronized Bytes readFromServer(Bytes bytes) {
        return decrypt(bytes, this.serverToClientKey, this.serverToClientNonce, false);
    }

    @Override // org.apache.tuweni.scuttlebutt.handshake.SecureScuttlebuttStreamServer
    public synchronized Bytes sendToClient(Bytes bytes) {
        return encrypt(bytes, this.serverToClientKey, this.serverToClientNonce);
    }

    @Override // org.apache.tuweni.scuttlebutt.handshake.SecureScuttlebuttStreamServer
    public synchronized Bytes sendGoodbyeToClient() {
        return sendToClient(Bytes.wrap(new byte[18]));
    }

    @Override // org.apache.tuweni.scuttlebutt.handshake.SecureScuttlebuttStreamServer
    public synchronized Bytes readFromClient(Bytes bytes) {
        return decrypt(bytes, this.clientToServerKey, this.clientToServerNonce, true);
    }

    private Bytes decrypt(Bytes bytes, SecretBox.Key key, MutableBytes mutableBytes, boolean z) {
        Bytes decryptMessage;
        int i = 0;
        ArrayList arrayList = new ArrayList();
        Bytes concatenate = z ? Bytes.concatenate(new Bytes[]{this.clientToServerBuffer, bytes}) : Bytes.concatenate(new Bytes[]{this.serverToClientBuffer, bytes});
        while (i < concatenate.size() && (decryptMessage = decryptMessage(concatenate.slice(i), key, mutableBytes)) != null) {
            arrayList.add(decryptMessage);
            i += decryptMessage.size() + 34;
        }
        if (z) {
            this.clientToServerBuffer = concatenate.slice(i);
        } else {
            this.serverToClientBuffer = concatenate.slice(i);
        }
        return Bytes.concatenate((Bytes[]) arrayList.toArray(new Bytes[0]));
    }

    private Bytes decryptMessage(Bytes bytes, SecretBox.Key key, MutableBytes mutableBytes) {
        if (bytes.size() < 34) {
            return null;
        }
        try {
            MutableBytes mutableCopy = mutableBytes.mutableCopy();
            SecretBox.Nonce fromBytes = SecretBox.Nonce.fromBytes(mutableCopy);
            SecretBox.Nonce fromBytes2 = SecretBox.Nonce.fromBytes(mutableCopy.increment());
            Bytes decrypt = SecretBox.decrypt(bytes.slice(0, 34), key, fromBytes);
            if (decrypt == null) {
                throw new StreamException("Failed to decrypt message header");
            }
            int i = ((decrypt.get(0) & 255) << 8) + (decrypt.get(1) & 255);
            if (bytes.size() < i + 34) {
                destroyIfNonNull(fromBytes);
                destroyIfNonNull(fromBytes2);
                return null;
            }
            Bytes decrypt2 = SecretBox.decrypt(Bytes.concatenate(new Bytes[]{decrypt.slice(2), bytes.slice(34, i)}), key, fromBytes2);
            if (decrypt2 == null) {
                throw new StreamException("Failed to decrypt message");
            }
            mutableBytes.increment().increment();
            destroyIfNonNull(fromBytes);
            destroyIfNonNull(fromBytes2);
            return decrypt2;
        } catch (Throwable th) {
            destroyIfNonNull(null);
            destroyIfNonNull(null);
            throw th;
        }
    }

    private Bytes encrypt(Bytes bytes, SecretBox.Key key, MutableBytes mutableBytes) {
        int ceil = (int) Math.ceil(bytes.size() / 4096.0d);
        Bytes[] bytesArr = new Bytes[ceil];
        for (int i = 0; i < ceil; i++) {
            bytesArr[i] = encryptMessage(bytes.slice(i * 4096, Math.min((i + 1) * 4096, bytes.size() - (i * 4096))), key, mutableBytes);
        }
        return Bytes.concatenate(bytesArr);
    }

    private Bytes encryptMessage(Bytes bytes, SecretBox.Key key, MutableBytes mutableBytes) {
        SecretBox.Nonce nonce = null;
        SecretBox.Nonce nonce2 = null;
        try {
            nonce = SecretBox.Nonce.fromBytes(mutableBytes);
            nonce2 = SecretBox.Nonce.fromBytes(mutableBytes.increment());
            mutableBytes.increment();
            Bytes encrypt = SecretBox.encrypt(bytes, key, nonce2);
            Bytes concatenate = Bytes.concatenate(new Bytes[]{SecretBox.encrypt(Bytes.concatenate(new Bytes[]{Bytes.ofUnsignedInt(encrypt.size() - 16).slice(2), encrypt.slice(0, 16)}), key, nonce), encrypt.slice(16)});
            destroyIfNonNull(nonce);
            destroyIfNonNull(nonce2);
            return concatenate;
        } catch (Throwable th) {
            destroyIfNonNull(nonce);
            destroyIfNonNull(nonce2);
            throw th;
        }
    }

    private void destroyIfNonNull(SecretBox.Nonce nonce) {
        if (nonce != null) {
            nonce.destroy();
        }
    }
}
